by mapgrep 2069 days ago
Not knocking the project, which sounds cool, but the absolute last thing I want to self host is a password database exposed to the internet. Hard pass on that element.

1password used to have a peer to peer sync mode that I loved. No need for a server anywhere. You would open it on your Mac and then open it on your phone and if they were on the same network they would self discover. Too inconvenient, perhaps, for most users, but for the paranoid like me, it was ideal -- no servers involved at all.

(Technically, wifi sync I believe still exists IF you use 1password on Mac with a old style local vault, but it's basically unsupported. Mine just stopped working and I switched to 1password.com.)

8 comments

Bitwarden only ever decrypts the password database on the client, and the login credentials you send to the server are only a hash of your actual encryption key.

In principle, you could store your Bitwarden database on a public torrent at no risk to your security :)

So, if you do trust the Bitwarden software in the first place, self-hosting it shouldn't be any more dangerous than using the managed service, because the server security isn't really a critical part of the defence model. And self-hosting allows you to build from source, if you're inclined to paranoia (Even though the worst a malicious server could do is delete your database).

That said, I have still bothered to set up strict fail2ban rules on my BW instance, because why not.
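An added illustration, not code from Bitwarden or from the commenter, of the split described above: the encryption key is derived on the client and never leaves it, while the server only ever receives a one-way hash of that key. It is modelled on Bitwarden's published key-derivation scheme; the iteration counts and the constructed `Server` stand-in are assumptions.

```python
import base64
import hashlib
import hmac
import os

# Iteration counts are assumptions for this illustration (Bitwarden's defaults have changed over time).
CLIENT_ITERATIONS = 100_000
SERVER_ITERATIONS = 100_000


def derive_master_key(email: str, password: str) -> bytes:
    """Client side only: the key that protects the vault. It is never sent anywhere."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), email.lower().encode(), CLIENT_ITERATIONS, 32)


def login_hash(master_key: bytes, password: str) -> str:
    """What the client sends at login: a one-way hash of the master key, base64 encoded."""
    digest = hashlib.pbkdf2_hmac("sha256", master_key, password.encode(), 1, 32)
    return base64.b64encode(digest).decode()


class Server:
    """Constructed stand-in for the server: it stores a further salted hash of the login hash."""

    def __init__(self) -> None:
        self.users: dict[str, tuple[bytes, bytes]] = {}

    def register(self, email: str, login_hash_b64: str) -> None:
        salt = os.urandom(16)
        stored = hashlib.pbkdf2_hmac("sha256", login_hash_b64.encode(), salt, SERVER_ITERATIONS, 32)
        self.users[email.lower()] = (salt, stored)

    def verify(self, email: str, login_hash_b64: str) -> bool:
        record = self.users.get(email.lower())
        if record is None:
            return False
        salt, stored = record
        candidate = hashlib.pbkdf2_hmac("sha256", login_hash_b64.encode(), salt, SERVER_ITERATIONS, 32)
        return hmac.compare_digest(candidate, stored)  # constant-time comparison


def client_login(server: Server, email: str, password: str) -> tuple[bool, bytes]:
    """Derive the key locally, authenticate with its hash, keep the key on the client."""
    master_key = derive_master_key(email, password)
    return server.verify(email, login_hash(master_key, password)), master_key


if __name__ == "__main__":
    srv = Server()
    key = derive_master_key("user@example.com", "correct horse battery staple")
    srv.register("user@example.com", login_hash(key, "correct horse battery staple"))
    print("login ok:", client_login(srv, "user@example.com", "correct horse battery staple")[0])
```

A server compromise therefore yields a salted hash of a hash of the key, not the key, which is why the commenter can treat server security as outside the critical path for confidentiality (availability is another matter).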

> (Even though the worst a malicious server could do is delete your database).

Unless you use the web client, and a lot of Bitwarden's functionality is only available via its web client (including critical functionality like changing your master password).

Well that’s the thing. If I’m content to trust the client side hashing or encryption on the secrets why bother setting up my own server? Conversely, if there are nefarious things that can happen on the server to compromise the data without me knowing about it, then I trust neither myself (because I’d be a bad sysadmin) nor a third party (not knowing what they’re up to). Or if I do trust a third party just use 1Password.

Reading between the lines it sounds like being able to build from source or see and install the source gives some assurance you can’t get via third party and the strong files give some assurance over me being a bad sysadmin. That’s either a sweet spot or uncanny valley depending on your perspective. :)

> If I’m content to trust the client side hashing or encryption on the secrets why bother setting up my own server?

Not that much, given that basic accounts are free. I guess that in addition to the building from source option, self-hosted Bitwarden (or at least Bitwarden-rs) includes all enterprise features for free.

The two most useful ones are probably sharing selected passwords with other users / groups, and attaching encrypted files to logins.

I wouldn't bother setting up a server and domain solely for it, but if you already have a personal webserver with a reliable backup strategy, since Bitwarden_rs barely uses any resources and is super easy to install, you might as well throw it in.

That's my case - I was already running a personal Nextcloud and Fediverse instance, so adding Bitwarden was like five lines of docker-compose and four of Caddyfile.

You don't have to have it exposed to the internet. Without an active connection, clients can't make new passwords/sync, but you can access previously saved passwords that are already synced.

It also doesn't have to be exposed to the internet. You can have it accessible behind wireguard for instance.

I have it, a DNS server, cloud storage, etc on my home lan, and use wireguard to access it on the go.

The switch from a paid for app to a renting app is my least favorite thing to come out of 1Password. I'm still on an older version that works on my laptop, desktop, iPhone, and iPad. I have a family license that allows up to 5 computers (I only use 2). My iDevice and laptop all sync via WiFi to the desktop. No iCloud, Dropbox, or whatever needed for syncing.

> no servers involved at all

Personally, I'd trust one of my servers far more than a client shouting "yo someone send me a file to overwrite my db with" over multicast on the local starbucks wifi...

> Not knocking the project, which sounds cool, but the absolute last thing I want to self host is a password database exposed to the internet. Hard pass on that element.

I have the exact opposite feeling. I would not selfhost email but I would selfhost a password manager and my files behind WireGuard, like many have said.

I have almost moved from cloud hosting to home server. This is perfectly reasonable for non critical services that don’t require more than 90% availability. The simplicity of such a setup nowadays is a breeze of fresh air. Debian stable, WireGuard, syncthing, ssh, git, ... all are low maintenance and work fine with Linux and iOS clients.

I'm curious, how does syncthing and ios work for you? What kind of apps/settings do you use on the clients?

There is no support for syncthing on iOS. I managed to get it halfway working on ish, but it’s just not there, so as of now, I use the shellfish ssh app, that allows to sync folders, through WireGuard also.

Note that I use syncthing for the casual read only "important documents", such as ID copies, tax documents, ebooks, etc. I don’t sync photos, movies and such. Most editable documents are in git repos.

I sometimes work on my iPad, and then I use a ssh client or the ish app (a shell, with vim, etc).

I have used this setup for years, and it’s just low friction, low maintenance for me. I have thought about using an own cloud/nextcloud setup, but it’s just too much work for little value. Like running gitlab instead of ssh and git.

I'm concerned about self hosting a service like this as well, so I put mine behind an nginx reverse proxy that requires a client cert for auth. That way, an attacker won't even be able to reach the bitwarden server to try to get in (unless there's a vulnerability in nginx).
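An added example of the setup this comment describes, not the commenter's own configuration: nginx terminating TLS in front of a Bitwarden server bound to loopback, refusing the handshake unless the client presents a certificate signed by a private CA. Hostname, paths and the backend port are placeholders.

```nginx
server {
    listen 443 ssl;
    server_name vault.example.com;              # placeholder hostname

    ssl_certificate     /etc/nginx/tls/server.crt;
    ssl_certificate_key /etc/nginx/tls/server.key;

    # Mutual TLS: the CA that issued the client certificates you hand out.
    # With "on", a connection without a valid client cert fails at the
    # TLS handshake, so no HTTP request ever reaches the proxied server.
    ssl_client_certificate /etc/nginx/tls/client-ca.crt;
    ssl_verify_client on;

    location / {
        proxy_pass http://127.0.0.1:8080;       # Bitwarden listening on loopback only
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Check it from outside with `openssl s_client -connect vault.example.com:443` without a client cert: the handshake should fail before any HTTP is exchanged, and the nginx error log should record the rejected client certificate rather than a request.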

You can host it all behind Wireguard. That way, an attacker doesn't have access to your Nginx proxy. After all, why would the whole internet need access to your Bitwarden server (or a reverse proxy serving it)?

They have a paid hosted option that I use; they just also allow you to self-host, which is great.

Enabling 2fa sounds like a good enough security for most.

If you mean they may have a vulnerability, they've gone through a few security audits.

If you mean you can't adequately keep your own server secure, then pass on it.